Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tanr
Valued Contributor II

Internet Service Database for Apple App Store No Longer Matching

Hi All,   Sometime last week our security policy that used to match to Internet Service Apple-App.Store stopped matching the app store most of the time.  The non-matching security policy did not have deep inspection, so that it wouldn't break Apple's certificate pinning mechanism.   However, now that it is not always matching, the Apple App Store traffic falls down to our deep inspection rule for that zone.  From the logs I can see that it correctly identifies the application as Apple.Store, or similar.  Unfortunately, the deep inspection then breaks the App Store connection.  So none of our iOS users (and some Mac users) are able to get updates.    This is with 5.6.6, and I'm assuming it's because Apple either added a new protocol or a new server.  The logs I checked show attempted connections are to 23.35.96.63 == a2.mzstatic.com == Akami.   Anybody else seeing this?  And has anybody reported it to TAC?  I can report it, but don't want to create duplicate reports if it's already in the works.
1 REPLY 1
tanr
Valued Contributor II

Looks like they updated the Internet Service Database, as it is once again matching correctly. 

Labels
Top Kudoed Authors